This is now CVE-2021-21381, whoever comes to upload the debdiffs please consider the following:
* Please rename "- GHSA-xgh4-387p-hqpp" in the debian/changelog to "- CVE-2021-21381" * Please consider renaming the debian/patches from (for example) "GHSA-xgh4-387p-hqpp-1.patch" to "CVE-2021-21381-1.patch" ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21381 ** Changed in: flatpak (Ubuntu Bionic) Assignee: (unassigned) => Andrew Hayzen (ahayzen) ** Changed in: flatpak (Ubuntu Focal) Assignee: (unassigned) => Andrew Hayzen (ahayzen) ** Changed in: flatpak (Ubuntu Groovy) Assignee: (unassigned) => Andrew Hayzen (ahayzen) ** Changed in: flatpak (Ubuntu Bionic) Status: New => In Progress ** Changed in: flatpak (Ubuntu Focal) Status: New => In Progress ** Changed in: flatpak (Ubuntu Groovy) Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1918482 Title: Update for GHSA-xgh4-387p-hqpp To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/flatpak/+bug/1918482/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs